Suppobox use new TLDs: [ru, net]

[suqitian]

• MD5

word list	MD5
1	eeaa43bb04003f98a29b92430ddd22ab
2	204fe23181c98c6fac4f624c2e842cd7
3	ab8b17382c4656c4a4aa6cd3f0abf123

• Domains

word list 1:

$ fdark -m eeaa43bb04003f98a29b92430ddd22ab | cut -f 5 | cut -d '=' -f 2 | tail
alonespecial.net
thinkgoodbye.net
strangeflower.net
classcorner.net
classspecial.net
twelvespecial.net
thinkgoodbye.ru
collegeadvance.net
presentgoodbye.net

[2016/11/04 14:07:05]

word list 2:

$ fdark -m 204fe23181c98c6fac4f624c2e842cd7 | cut -f 5 | cut -d '=' -f 2 | tail
southnice.net
arivenice.ru
arivenice.net
ariveelse.net
southelse.net
thisbreak.net
uponfine.net
arivefine.net
whichfine.net
uponnice.net

[2016/11/01 21:05:56]

word list 3:

$ fdark -m ab8b17382c4656c4a4aa6cd3f0abf123 | cut -f 5 | cut -d '=' -f 2 | tail                         
madeleinecharisma.net
glanvilletennyson.net
antonettecharisma.net
catherineanderson.ru
antonetteanderson.net
antonetteanastacia.net
charlottebernadine.net
stephaniebernadine.net
stephanieanastacia.net
stephaniebernadine.ru

[2016/11/04 08:33:20]

[suqitian]

• Code diff

$ diff dga_new.py dga.py 
23,24c23
<     tld_ru = False
<     for c in range(614):
---
>     for c in range(85):
46,53d44
<         if tld_ru:
<             tld_ru = False
<         elif seed % 5 == 0:
<                 tld = '.ru'
<                 tld_ru = True
<         if not tld_ru:
<             seed += 1
< 
54a46
>         seed += 1

dga_new.py is here.

• Test

Take word list 3 as example

$ python dga_new.py 3 -t '2016-11-04 20:00:00' | less
...
madeleinecharisma.net
antonetteanastacia.ru
antonetteanastacia.net
madeleineanastacia.net
antonetteanderson.net
madeleineanderson.net
charlottebernadine.net
stephaniebernadine.ru
stephaniebernadine.net
charlottecharisma.net
...